You are here: Home/Open Source/ Leviathan: An All In One Security Audit Toolkit!

Leviathan: An All In One Security Audit Toolkit!

Posted: 2 years ago by @pentestit4077 viewsUpdated: May 1, 2017 at 11:47 pm

Fresh off the GitHub repository – Leviathan, an open source, wide-range security audit toolkit that helps you with service discovery, brute force, SQL injection detection and running custom exploit. One of the guys behind this project is Utku Sen. If you remember he was the one who wrote open source ransomware – EDA2 and Hidden Tear.

Leviathan

Leviathan is an open source mass audit toolkit written in Python, which has wide-range service discovery, brute force, SQL injection scanning and custom exploit execution capabilities. It encompasses other open source tools such Masscan, Ncrack, DSSS (Damn Small SQLi Scanner) and gives you the flexibility of using them with a combination. By wide-range, the tool authors mean not an enterprise network, but a they are talking about country-wide ranges or a whole IP range!

Brute Force: You can brute force the discovered services with integrated “ncrack” tool. It has wordlists which includes most popular combinations and default passwords for specific services. Ncrack is a high-speed network authentication cracking tool for services services such as FTP, SSH, RDP, Telnet, MYSQL etc.

Remote Command Execution: You can run system commands remotely on compromised devices.

SQL Injection Scanner: Discover SQL injection vulnerabilities on websites with specific country extension or with your custom Google Dork. This is done by implementing DSSS, which is a fully functional and minimal SQL injection vulnerability scanner.

Exploit Specific Vulnerabilities: Discover vulnerable targets with Shodan, Censys or masscan and mass exploit them by providing your own exploit or using pre-included exploits.

But you are free to add more! Simply implement them as mentioned here and add them to the /lib/exploits folder. I am adding the DoublePulsar detection here. The project page has well presented video tutorials that explain how Leviathan works. As of now, this project has been tested on Linux (Kali Linux, Debian, Ubuntu), macOS.

The only problem that I have found as of now is with almost all open source Python projects – KeyboadInterrupts are not well handled. But otherwise, this seems to be a well rounded tool with a promise.

Download Leviathan 0.1:

Installation is simple. Simply clone the GIT repository and run pip install -r requirements.txt. Additional information can be found here.

Featured Post

Kali Linux 2019.1 is the latest Kali Linux release. This is the first 2019 release, which comes after Kali Linux 2018.4, that was made available in the month of October. This new release includes all patches, fixes, updates, and improvements since the last release – Kali Linux 2018.3, including a shiny new Linux kernel versionRead more about UPDATE: Kali Linux 2019.1 Release!